<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8; never" name="referrer">
<title>无标题文档</title>
</head>

<body>
<?php
    $id=  $_GET['id'];
    // 连接数据库
    $conn=@mysql_connect("localhost","root","")  or die(mysql_error());
     mysql_query("SET NAMES UTF8");
    @mysql_select_db('guyueyan',$conn) or die(mysql_error());
   
    /*
    $select2 = "select max(id) from picture ";
    $res = mysql_query($select2);
    $id = mysql_fetch_array($res);
         $name = "";
    print_r($id);
    */
    if(isset($_POST['ann'])){
        /*print_r($_POST);*/
       
        /*
        file_get_contents() 函数把整个文件读入一个字符串中
        mysql_real_escape_string() 函数转义 SQL 语句中使用的字符串中的特殊字符。
        ^如果成功，则该函数返回被转义的字符串。如果失败，则返回 false。
        */
        $image = mysql_real_escape_string(file_get_contents($_FILES['a']['tmp_name']));

        $type = $_FILES['a']['type'];
        $name = $_POST['name'];
        $sqlstr = "insert into picture(name,user_id,type,content) values('$name',$id,'".$type."','".$image."')";
        
        @mysql_query($sqlstr) or die(mysql_error());
        echo '<script>alert("上传成功！");history.back();</script>';
       /* Header("Localhost:/testing/pages/UpImg-master/index.php?id=$id");*/
    
        exit();
    }
?>
    
</body>
</html>